Objectives and competences
Students to provide in-depth knowledge of information security management. Which is becoming increasingly important at all levels of the organization to ensure continuous operation of information systems, which are constantly exposed to various dangers. The course deals with the management and governance of information security to reduce security risks and provides a higher level of reliability, availability and integrity of the system.
Content (Syllabus outline)
Advances in information security.
Implementation of information security.
Measuring the information security.
Degree of maturity of IT governance.
The scope and cost in information security investing.
Dependence on information and communication technologies for the information assurance.
Information security dependence on subjects outside the direct control of the enterprise.
IT errors and the impact on the reputation of the company.
Detection of security flaws.
Technological options, organizational change, business processes and business practices to improve information security.
Improvements in information security, providing new opportunities and reduce costs.
Learning and teaching methods
The subject will consist of lectures, tutorials, case studies, discussions on current topics, group and individual consultations and preparation of seminar papers. Special attention is focused on students' active participation in discussions and exercises.
Intended learning outcomes - knowledge and understanding
Knowledge and Understanding:
The acquisition of knowledge on specific forms of assurance and threats to information security with a focus on independent understanding of new trends among students. This provides an understanding of long-term trends and successful in competitive business environments.
Transferable/Key Skills and other attributes:
Students build on and further understand importance of information security, latest trends and upcoming threats, opportunities and protections against them.
Readings
Bernik, Prislan: Kibernetska kriminaliteta, informacijsko bojevanje in kibernetski terorizem, Fakulteta za varnostne vede, 2012
VonSolms, S.H. in vonSolms, R.: Information Security Governance, Springer, 2008 Brotby, K.: Information Security Governance, Wiley, 2009
Cohen, F.: Security Governance Checklists: Business Operations, Security Governance, Risk Management, And Enterprise Security Architecture, Fred Cohen & Associates, 2005
Tipton, F.H. in Krause, M.: Information Security Management Handbook, Sixth Edition, Isc2 Press, 2007
Prerequisits
Understanding of ICT, IS and digital forensics
Additional information on implementation and assessment Essay (draft article).
Presentation and publication of the article.
Oral examination.
